Static task: static1
Behavioral task: behavioral1
Sample: 31bc3eb3678d3528e56c8f04f7b8a315be399cc3d44830c922fa2df333d88c8f.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 31bc3eb3678d3528e56c8f04f7b8a315be399cc3d44830c922fa2df333d88c8f.exe
Resource: win10v2004-20220812-en
General
Target: 31bc3eb3678d3528e56c8f04f7b8a315be399cc3d44830c922fa2df333d88c8f
Size: 812KB
MD5: 0bff87bd700882eb7307463d943d112b
SHA1: 92e906a4d7e5196ea4ed7ef8b437ccd953e0751e
SHA256: 31bc3eb3678d3528e56c8f04f7b8a315be399cc3d44830c922fa2df333d88c8f
SHA512: 492cac1036e5dc5f2528a50309327642a64af05849e6447815e1d8674038e7fcddf3b7ce2f974843e37e7d1b0e91c8eab31f3ba5850018511bfb5c821a3be9ab
SSDEEP: 24576:iosVOexaVLdoLsxPGc18VuUzO2d2Zkq524:lIMV571GOtu2Z44
Malware Config
Signatures
Files
-
31bc3eb3678d3528e56c8f04f7b8a315be399cc3d44830c922fa2df333d88c8f.exe windows x86
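63b163102a28f88ad1d4213b28a8b7c9 (unlabelled on this page; from its length and position under the PE file entry it is probably the import hash, so confirm against the original report before pivoting on it)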
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
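Imports (static import table only: these are the APIs the binary links against, not calls observed at run time; the Signatures and Malware Config sections above are empty on this page)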
gdi32
SetTextJustification
SetMapperFlags
CombineRgn
EnumFontFamiliesExW
GdiFlush
DescribePixelFormat
GetPaletteEntries
GetLayout
GetViewportOrgEx
SetDIBColorTable
GetSystemPaletteEntries
RoundRect
CreateDCA
SetGraphicsMode
GetEnhMetaFilePaletteEntries
LineDDA
SetPixelFormat
AbortPath
ExcludeClipRect
GetCharacterPlacementW
GetRgnBox
GetTextFaceA
ExtCreateRegion
GetDCOrgEx
TranslateCharsetInfo
CreateRectRgnIndirect
SetROP2
SetPixelV
DeleteEnhMetaFile
GetCharWidth32W
GetGlyphOutlineW
EnumFontFamiliesA
GetObjectType
EndDoc
GetDIBColorTable
GetPixelFormat
GetEnhMetaFileBits
ArcTo
Polyline
CreateFontIndirectA
InvertRgn
GetMapMode
PtInRegion
SetColorAdjustment
GetTextExtentPointW
SetStretchBltMode
GetBitmapDimensionEx
GetGlyphOutlineA
EnumFontsA
GetCharWidthA
SetDCPenColor
GetOutlineTextMetricsA
GetMetaFileA
GetMetaFileBitsEx
PlayEnhMetaFile
GetViewportExtEx
SetMiterLimit
GetDIBits
PathToRegion
SetRectRgn
SetViewportOrgEx
CreateBitmap
DeleteObject
EqualRgn
GetKerningPairsA
CreatePenIndirect
Chord
CreateICA
StrokeAndFillPath
ExtTextOutW
OffsetRgn
SetWorldTransform
ExtFloodFill
CloseMetaFile
EndPath
CloseEnhMetaFile
GetEnhMetaFileA
GetMiterLimit
SetDIBits
BitBlt
RemoveFontResourceA
SetMetaFileBitsEx
SetArcDirection
GetBkColor
CopyMetaFileW
CreateMetaFileA
CopyEnhMetaFileW
CreateDIBPatternBrushPt
SetWinMetaFileBits
AbortDoc
GetObjectA
GetTextColor
SetViewportExtEx
GetRegionData
CreateICW
GetTextExtentExPointA
GetCharWidthFloatA
Arc
FillRgn
UpdateColors
RealizePalette
ScaleViewportExtEx
GetTextExtentExPointW
SelectClipRgn
EndPage
CreateRoundRectRgn
ChoosePixelFormat
GetCurrentObject
GetCharWidth32A
GetCharABCWidthsW
CreateDiscardableBitmap
CreateDIBSection
PolyDraw
GetObjectW
PolylineTo
GetMetaRgn
Ellipse
OffsetViewportOrgEx
ExtEscape
ModifyWorldTransform
SetLayout
PlayEnhMetaFileRecord
GetFontData
EnumFontsW
GetBitmapBits
SetBrushOrgEx
LPtoDP
CreatePatternBrush
Pie
CreateFontIndirectW
GetPolyFillMode
CreateBitmapIndirect
SetWindowExtEx
EnumMetaFile
AddFontResourceA
SetBitmapBits
SetAbortProc
ResetDCA
GetWinMetaFileBits
Rectangle
CreateHatchBrush
CreateCompatibleDC
PolyBezierTo
SaveDC
GetStretchBltMode
StretchDIBits
SetMapMode
SetEnhMetaFileBits
GetCharWidthW
ResetDCW
CreatePalette
DPtoLP
CreatePolygonRgn
GetAspectRatioFilterEx
GetTextExtentPointA
SetPolyFillMode
GetROP2
GetWindowOrgEx
GdiComment
GetTextAlign
SetPaletteEntries
SetBkMode
SetTextColor
GetTextMetricsW
EnumEnhMetaFile
CreateMetaFileW
DeleteDC
EnumObjects
Escape
PatBlt
SetPixel
GetBrushOrgEx
ResizePalette
TextOutW
GetCharABCWidthsFloatW
SetTextCharacterExtra
GetPixel
SetBkColor
CreateEnhMetaFileA
ExtSelectClipRgn
CreateRectRgn
CreatePolyPolygonRgn
GetPath
PolyPolygon
GetTextExtentPoint32W
EnumFontFamiliesExA
StrokePath
PtVisible
CreateHalftonePalette
RectVisible
SetTextAlign
FloodFill
TextOutA
CreateFontW
SetBitmapDimensionEx
GetTextCharacterExtra
SelectObject
SetICMProfileA
GetEnhMetaFileW
CopyMetaFileA
SelectClipPath
GetTextExtentPoint32A
StartDocW
BeginPath
StartPage
MoveToEx
GetCharABCWidthsA
GetTextFaceW
GetStockObject
CreateSolidBrush
CreateFontA
ScaleWindowExtEx
SelectPalette
CreateDIBitmap
GetTextCharset
WidenPath
AngleArc
CreateEnhMetaFileW
ExtTextOutA
PolyBezier
SetDIBitsToDevice
RestoreDC
GetDeviceCaps
GetCurrentPositionEx
DeleteMetaFile
GetClipRgn
FrameRgn
GetFontLanguageInfo
CloseFigure
MaskBlt
GetEnhMetaFileHeader
SwapBuffers
GetTextCharsetInfo
OffsetWindowOrgEx
GetClipBox
EnumFontFamiliesW
CreateCompatibleBitmap
ExtCreatePen
CreateBrushIndirect
GetWindowExtEx
CreateEllipticRgn
OffsetClipRgn
StartDocA
SetWindowOrgEx
GetGraphicsMode
RectInRegion
GetColorAdjustment
CopyEnhMetaFileA
PlgBlt
SetDCBrushColor
GetBkMode
UnrealizeObject
PlayMetaFileRecord
Polygon
GetTextMetricsA
GetNearestColor
SetICMMode
LineTo
FillPath
IntersectClipRect
GetArcDirection
GetNearestPaletteIndex
DrawEscape
SetBoundsRect
GetBoundsRect
FlattenPath
CreateDCW
PaintRgn
CreatePen
PlayMetaFile
PolyPolyline
AnimatePalette
GetCharABCWidthsFloatA
StretchBlt
CreateEllipticRgnIndirect
shell32
ShellExecuteA
SHCreateDirectoryExW
SHGetFileInfoW
FindExecutableA
DragAcceptFiles
SHGetDataFromIDListA
DragFinish
ShellExecuteW
ShellExecuteExA
ExtractIconExW
FindExecutableW
SHBrowseForFolderW
SHGetMalloc
SHGetInstanceExplorer
SHBindToParent
SHFileOperationA
SHAddToRecentDocs
DragQueryFileA
CommandLineToArgvW
SHGetDataFromIDListW
ExtractIconA
DuplicateIcon
SHGetPathFromIDListW
Shell_NotifyIconW
SHGetFolderPathW
SHBrowseForFolderA
SHFreeNameMappings
ShellExecuteExW
SHGetFolderPathA
SHGetPathFromIDListA
ord155
SHGetFileInfoA
ExtractIconW
SHEmptyRecycleBinA
SHGetDesktopFolder
SHGetSpecialFolderLocation
DragQueryFileW
SHGetSpecialFolderPathA
DragQueryPoint
SHAppBarMessage
SHFileOperationW
DoEnvironmentSubstW
SHGetFolderLocation
ExtractIconExA
SHCreateDirectoryExA
SHGetSpecialFolderPathW
SHChangeNotify
Shell_NotifyIconA
comdlg32
GetFileTitleA
ChooseFontA
ChooseColorA
GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
ReplaceTextW
PageSetupDlgA
GetSaveFileNameW
ChooseColorW
PageSetupDlgW
FindTextW
FindTextA
ReplaceTextA
PrintDlgA
GetOpenFileNameW
GetFileTitleW
PrintDlgExA
PrintDlgW
ChooseFontW
version
GetFileVersionInfoW
VerQueryValueW
VerQueryValueA
GetFileVersionInfoSizeW
VerLanguageNameA
GetFileVersionInfoA
VerInstallFileA
GetFileVersionInfoSizeA
kernel32
SleepEx
GetModuleFileNameW
CreateMutexW
SearchPathA
VirtualAllocEx
GetWindowsDirectoryA
GetTempFileNameW
ConvertThreadToFiber
GetModuleFileNameA
GetVolumePathNameA
GetProcessWorkingSetSize
EnumResourceLanguagesA
HeapSize
DefineDosDeviceA
GetLocaleInfoA
WaitCommEvent
SetEnvironmentVariableA
RtlUnwind
SetFileAttributesW
MoveFileA
IsProcessorFeaturePresent
CreateMailslotA
HeapCompact
SetLocalTime
RemoveDirectoryW
VirtualAlloc
DisconnectNamedPipe
EnumCalendarInfoW
LockResource
GetSystemDefaultLangID
SetupComm
WritePrivateProfileStringW
FindResourceExW
Heap32Next
OpenFileMappingW
TryEnterCriticalSection
GetPrivateProfileSectionA
DeleteFiber
MoveFileExW
GetDiskFreeSpaceExW
GetCommProperties
DeleteAtom
SetUnhandledExceptionFilter
CreateWaitableTimerW
GetPriorityClass
CreatePipe
UpdateResourceA
FreeEnvironmentStringsA
FreeResource
GetThreadContext
CreateWaitableTimerA
GetProcessAffinityMask
SetWaitableTimer
CreateDirectoryW
GetEnvironmentStrings
WaitForMultipleObjectsEx
EnumResourceTypesA
LoadLibraryExW
EnumSystemLocalesA
QueryPerformanceCounter
HeapReAlloc
LocalHandle
ResetEvent
UnmapViewOfFile
SetThreadExecutionState
SwitchToThread
CreateEventA
CopyFileA
GetPrivateProfileIntW
PurgeComm
FindClose
GetCurrentThread
SetLastError
VerLanguageNameA
SetFileAttributesA
WaitNamedPipeW
DeleteVolumeMountPointW
GlobalGetAtomNameA
RaiseException
SetProcessWorkingSetSize
GetCommState
GetComputerNameW
CreateProcessA
WaitNamedPipeA
GetCPInfo
BackupWrite
VirtualProtect
WritePrivateProfileStringA
GetProcessHeap
AllocConsole
VirtualFree
GetVolumePathNameW
GetFileTime
GetFileSizeEx
CopyFileExA
ClearCommError
EnumSystemLanguageGroupsW
GetCommModemStatus
LocalUnlock
InterlockedDecrement
CreateFileMappingA
GetProfileSectionA
FindVolumeClose
OpenMutexW
ReadDirectoryChangesW
GetThreadTimes
GetCommMask
OpenEventA
OpenEventW
CompareStringW
CreateMutexA
PulseEvent
WriteConsoleW
FreeLibrary
DeviceIoControl
lstrcmpA
SetErrorMode
GlobalHandle
VerifyVersionInfoW
ConnectNamedPipe
FindFirstFileW
GetStartupInfoW
WritePrivateProfileSectionW
DebugBreak
GetComputerNameExW
SetCommBreak
GetDateFormatA
lstrcmpiW
SetVolumeLabelA
GetProfileIntA
GetSystemTimeAdjustment
OpenMutexA
ReadConsoleInputA
BeginUpdateResourceA
GlobalLock
EscapeCommFunction
GetTempPathW
CloseHandle
RtlFillMemory
BackupSeek
LocalReAlloc
LoadLibraryExA
CreateFileA
LCMapStringW
DeleteFileA
lstrlenA
GlobalGetAtomNameW
FlushViewOfFile
GetTimeFormatA
DeleteVolumeMountPointA
lstrcatW
GetSystemTimeAsFileTime
FindResourceW
GetProfileStringW
SetThreadPriority
OutputDebugStringW
GetNumberFormatW
LoadLibraryW
LockFileEx
VirtualProtectEx
SetCommConfig
SetConsoleTitleW
Thread32First
EndUpdateResourceA
Beep
GlobalReAlloc
GetWindowsDirectoryW
SetCommMask
CreateToolhelp32Snapshot
VerSetConditionMask
lstrcpynA
SearchPathW
DisableThreadLibraryCalls
ExpandEnvironmentStringsA
FindNextVolumeW
WinExec
ClearCommBreak
GetProcAddress
GetLogicalDriveStringsW
GetTempPathA
GetPrivateProfileIntA
SwitchToFiber
GetSystemPowerStatus
GetSystemTime
ReleaseSemaphore
GetCPInfoExA
GetOEMCP
GetSystemInfo
GetFullPathNameA
WideCharToMultiByte
CopyFileW
SetCurrentDirectoryW
Sleep
CreateFiber
VirtualQueryEx
VirtualQuery
FindResourceA
GetStdHandle
lstrcmpiA
TlsAlloc
ReadFile
SetNamedPipeHandleState
LocalAlloc
ProcessIdToSessionId
EndUpdateResourceW
FormatMessageA
VirtualLock
Process32Next
SystemTimeToTzSpecificLocalTime
GlobalUnlock
ReleaseMutex
CancelIo
HeapDestroy
ExitThread
GetQueuedCompletionStatus
lstrcatA
GetTapeParameters
Process32FirstW
AreFileApisANSI
SetTapePosition
SetTimeZoneInformation
EnumResourceNamesW
HeapCreate
GetCurrentProcess
IsDebuggerPresent
FormatMessageW
SuspendThread
LocalFileTimeToFileTime
ExitProcess
FreeConsole
SetEnvironmentVariableW
GetTimeZoneInformation
WaitForSingleObjectEx
GetTempFileNameA
GetComputerNameExA
GlobalDeleteAtom
CreateDirectoryA
CopyFileExW
GetStringTypeExW
PostQueuedCompletionStatus
Module32FirstW
UnlockFile
DeleteFileW
QueueUserAPC
IsBadWritePtr
QueryDosDeviceW
CompareFileTime
SetVolumeMountPointA
DebugActiveProcess
IsBadReadPtr
GetFileAttributesA
GlobalAddAtomA
SetConsoleCtrlHandler
IsDBCSLeadByteEx
GetLastError
GetLocaleInfoW
LoadResource
Module32First
CompareStringA
GetLocalTime
GetProfileIntW
GetConsoleScreenBufferInfo
GetCommandLineA
GetStringTypeA
GetSystemWindowsDirectoryA
IsDBCSLeadByte
GetDriveTypeW
LeaveCriticalSection
TransmitCommChar
WriteConsoleOutputW
GetPrivateProfileSectionNamesA
DuplicateHandle
lstrlenW
CreateThread
GetComputerNameA
GetCurrentProcessId
LocalFree
GetConsoleOutputCP
SetEvent
SystemTimeToFileTime
IsValidCodePage
OpenSemaphoreA
FindAtomW
FindNextFileW
GetUserDefaultLCID
GetExitCodeProcess
CreateDirectoryExA
InterlockedIncrement
GetMailslotInfo
SetSystemTime
BackupRead
GetCurrentDirectoryA
GetProcessTimes
SetFilePointerEx
TlsSetValue
WaitForMultipleObjects
SetPriorityClass
_lclose
ResumeThread
GetShortPathNameA
_lwrite
HeapFree
FindNextChangeNotification
RemoveDirectoryA
EnumUILanguagesW
SetHandleCount
CreateFileMappingW
GetNumberFormatA
LocalCompact
GetFileType
SetThreadContext
EnumResourceNamesA
GetCommandLineW
GetShortPathNameW
BuildCommDCBA
GetVersionExA
GetCompressedFileSizeW
GetCommTimeouts
FindFirstChangeNotificationA
GlobalAddAtomW
FindFirstFileExW
GlobalMemoryStatusEx
FlushInstructionCache
ExpandEnvironmentStringsW
CommConfigDialogW
QueryDosDeviceA
FatalAppExitA
Heap32First
FindCloseChangeNotification
OutputDebugStringA
_lopen
Process32First
GetFileAttributesExA
GetEnvironmentVariableA
GetVersionExW
InitializeCriticalSection
TlsGetValue
GlobalFree
OpenFile
Module32NextW
SetFilePointer
lstrcpyW
GetUserDefaultLangID
ConvertDefaultLocale
GetLogicalDrives
WaitForDebugEvent
GetCommConfig
GetPrivateProfileStringA
GetPrivateProfileStructA
GetModuleHandleW
GetFileAttributesW
_lcreat
SetProcessAffinityMask
FileTimeToLocalFileTime
SetCommState
GetExitCodeThread
SetStdHandle
IsValidLocale
GetLongPathNameW
MoveFileW
GetProcessVersion
GetUserDefaultUILanguage
GetEnvironmentStringsW
CreateSemaphoreW
SetThreadAffinityMask
_lread
OpenProcess
FileTimeToDosDateTime
TerminateProcess
PeekNamedPipe
SetHandleInformation
GetTickCount
DeleteCriticalSection
SetCommTimeouts
FindResourceExA
HeapAlloc
_hwrite
InterlockedExchangeAdd
GlobalSize
CreateNamedPipeA
GetAtomNameA
Thread32Next
MoveFileExA
WritePrivateProfileStructW
OpenFileMappingA
ContinueDebugEvent
WriteConsoleA
GetVolumeInformationA
EnumLanguageGroupLocalesW
GetSystemDefaultLCID
LocalLock
DosDateTimeToFileTime
FindFirstFileA
GetModuleHandleA
GetPrivateProfileStringW
VirtualFreeEx
IsBadStringPtrW
GetStringTypeExA
InitializeCriticalSectionAndSpinCount
GetDiskFreeSpaceExA
GetTimeFormatW
InterlockedCompareExchange
MapViewOfFile
SetCurrentDirectoryA
HeapValidate
GlobalFindAtomA
GetDiskFreeSpaceW
WaitForSingleObject
LocalSize
_llseek
GetDriveTypeA
AddAtomW
CreateSemaphoreA
GetStringTypeW
GetSystemDirectoryA
WritePrivateProfileSectionA
GetCurrentThreadId
FlushConsoleInputBuffer
IsBadCodePtr
FindFirstChangeNotificationW
UnhandledExceptionFilter
GetDateFormatW
SetEndOfFile
GetOverlappedResult
GetConsoleCP
GetSystemDirectoryW
Toolhelp32ReadProcessMemory
SetProcessShutdownParameters
GetVolumeNameForVolumeMountPointA
InterlockedExchange
SizeofResource
GetFullPathNameW
Process32NextW
CreateEventW
FreeEnvironmentStringsW
OpenThread
GetCurrentDirectoryW
GetConsoleMode
WriteProfileStringW
SetThreadLocale
GetVersion
UpdateResourceW
WriteProfileStringA
MultiByteToWideChar
CreateFileW
GetThreadPriority
ReadProcessMemory
FindFirstVolumeW
GetStartupInfoA
GetCurrencyFormatA
WriteFile
SetComputerNameW
CreateIoCompletionPort
SetVolumeLabelW
lstrcpyA
GetFileAttributesExW
UnlockFileEx
GetEnvironmentVariableW
LCMapStringA
GetHandleInformation
MapViewOfFileEx
GetVolumeInformationW
GlobalFindAtomW
CreateProcessW
WritePrivateProfileStructA
GlobalAlloc
lstrcmpW
CreateNamedPipeW
SetMailslotInfo
Module32Next
QueueUserWorkItem
EnumCalendarInfoA
FindNextFileA
GetProcessHeaps
GetProfileStringA
lstrcpynW
GlobalMemoryStatus
GetVolumeNameForVolumeMountPointW
VerifyVersionInfoA
SetFileTime
WriteProcessMemory
FileTimeToSystemTime
EnumResourceLanguagesW
FlushFileBuffers
GetBinaryTypeA
GetThreadLocale
Heap32ListNext
GetACP
_hread
EnumCalendarInfoExW
GetDiskFreeSpaceA
SetConsoleMode
EnterCriticalSection
LockFile
BeginUpdateResourceW
SetProcessPriorityBoost
Heap32ListFirst
OpenSemaphoreW
GetLogicalDriveStringsA
WriteFileEx
advapi32
LsaRemoveAccountRights
GetSidLengthRequired
RegEnumKeyA
LogonUserW
SetSecurityInfo
SetSecurityDescriptorControl
RegOpenKeyW
DeleteAce
AddAce
SetNamedSecurityInfoW
GetSecurityInfo
RegCreateKeyExW
EnumDependentServicesW
RegDeleteKeyW
RegisterServiceCtrlHandlerExA
RegCreateKeyA
CryptGetUserKey
RegisterServiceCtrlHandlerW
ImpersonateSelf
EnumServicesStatusA
RegFlushKey
RegSetKeySecurity
GetSidSubAuthority
RegEnumKeyExW
GetAclInformation
AddAccessAllowedAce
GetTokenInformation
GetSecurityDescriptorLength
OpenSCManagerW
CryptHashData
CopySid
SetThreadToken
SetTokenInformation
SetSecurityDescriptorDacl
CryptGetHashParam
OpenSCManagerA
ChangeServiceConfigA
CryptEnumProvidersW
SetEntriesInAclW
RegDeleteKeyA
RegDeleteValueW
SetServiceStatus
LsaLookupNames
RegRestoreKeyA
IsValidSid
DeleteService
SetSecurityDescriptorGroup
EqualPrefixSid
ChangeServiceConfig2W
RegEnumValueW
GetNamedSecurityInfoW
RegQueryInfoKeyW
LsaLookupSids
DuplicateTokenEx
GetEffectiveRightsFromAclA
LockServiceDatabase
RegLoadKeyW
RegEnumKeyW
SetServiceObjectSecurity
CreateServiceA
QueryServiceConfigA
RegisterEventSourceW
RegSaveKeyA
SetEntriesInAclA
StartServiceW
StartServiceCtrlDispatcherW
CryptExportKey
RegOpenKeyExW
GetNamedSecurityInfoA
GetSidIdentifierAuthority
InitializeSecurityDescriptor
CryptCreateHash
LookupPrivilegeValueA
RegNotifyChangeKeyValue
RegSetValueExA
RegOpenCurrentUser
FreeSid
RegOpenKeyA
MakeSelfRelativeSD
AdjustTokenPrivileges
GetExplicitEntriesFromAclW
RegisterEventSourceA
RegisterServiceCtrlHandlerA
DuplicateToken
GetSecurityDescriptorDacl
RegSaveKeyW
CryptDestroyHash
ConvertStringSidToSidW
LogonUserA
RegQueryValueW
CryptGetKeyParam
RegSetValueExW
OpenServiceW
RegConnectRegistryW
ReportEventW
ReadEncryptedFileRaw
SetSecurityDescriptorOwner
GetFileSecurityW
RegSetValueA
EncryptFileW
ConvertStringSidToSidA
MapGenericMask
SetSecurityDescriptorSacl
RegEnumValueA
BuildTrusteeWithNameW
IsValidAcl
RegOpenKeyExA
CryptAcquireContextW
ReportEventA
CryptDecrypt
StartServiceA
GetUserNameW
RegUnLoadKeyW
AllocateAndInitializeSid
BuildTrusteeWithSidW
LookupPrivilegeValueW
LsaOpenPolicy
CryptDeriveKey
ImpersonateLoggedOnUser
QueryServiceLockStatusW
ImpersonateNamedPipeClient
OpenServiceA
CloseServiceHandle
WriteEncryptedFileRaw
OpenEncryptedFileRawW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegConnectRegistryA
LsaNtStatusToWinError
GetSecurityDescriptorGroup
GetUserNameA
RegRestoreKeyW
LsaQueryInformationPolicy
GetKernelObjectSecurity
LookupPrivilegeNameA
LookupAccountNameA
InitializeAcl
IsValidSecurityDescriptor
RegQueryInfoKeyA
RegQueryValueExA
DeregisterEventSource
RegCreateKeyW
OpenThreadToken
RegQueryValueA
GetSecurityDescriptorOwner
LsaClose
LsaFreeMemory
EqualSid
LookupPrivilegeDisplayNameA
LookupAccountSidA
CreateProcessAsUserA
ControlService
RegDeleteValueA
ChangeServiceConfig2A
CryptGenRandom
CryptVerifySignatureA
QueryServiceStatusEx
CryptReleaseContext
CryptImportKey
MakeAbsoluteSD
LookupAccountNameW
QueryServiceConfigW
InitiateSystemShutdownExW
SetFileSecurityW
CryptEncrypt
RegCloseKey
CreateServiceW
RegDisablePredefinedCache
OpenProcessToken
ChangeServiceConfigW
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
CryptGenKey
GetLengthSid
RegEnumKeyExA
GetAce
SetFileSecurityA
RegGetKeySecurity
CreateWellKnownSid
InitiateSystemShutdownA
InitializeSid
LookupAccountSidW
CheckTokenMembership
CryptDestroyKey
CreateProcessAsUserW
ConvertSidToStringSidW
CryptAcquireContextA
RegLoadKeyA
StartServiceCtrlDispatcherA
RegUnLoadKeyA
GetFileSecurityA
SetNamedSecurityInfoA
CloseEncryptedFileRaw
ConvertSecurityDescriptorToStringSecurityDescriptorW
RegQueryValueExW
GetSecurityDescriptorControl
RegSetValueW
CryptSetProvParam
RevertToSelf
GetSidSubAuthorityCount
RegCreateKeyExA
UnlockServiceDatabase
LsaAddAccountRights
QueryServiceStatus
AccessCheck
ole32
StgCreateDocfile
CreateClassMoniker
CoQueryProxyBlanket
StgCreateStorageEx
GetHGlobalFromStream
CoTaskMemFree
CoImpersonateClient
OleLockRunning
CoMarshalInterThreadInterfaceInStream
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
CoGetMalloc
OleFlushClipboard
WriteClassStm
CoTreatAsClass
ReleaseStgMedium
CoCreateInstance
CoSetProxyBlanket
OleCreateFromData
CoResumeClassObjects
IIDFromString
OleRegGetUserType
CoGetInterfaceAndReleaseStream
CoUnmarshalInterface
CoInitialize
CreateBindCtx
CoFileTimeNow
CoSuspendClassObjects
OleLoad
OleLoadFromStream
CLSIDFromProgID
SetConvertStg
CreateGenericComposite
MkParseDisplayName
OleSetContainedObject
CoReleaseMarshalData
CreateOleAdviseHolder
CoLoadLibrary
CreateItemMoniker
OleRun
CoRegisterClassObject
ReadFmtUserTypeStg
OleTranslateAccelerator
DoDragDrop
OleQueryLinkFromData
OleSaveToStream
FreePropVariantArray
RegisterDragDrop
OleUninitialize
CoRegisterMessageFilter
WriteClassStg
CoCreateGuid
OleCreate
CoTaskMemRealloc
GetHGlobalFromILockBytes
CoCopyProxy
GetRunningObjectTable
CLSIDFromString
OleGetClipboard
OleQueryCreateFromData
CoRevokeClassObject
OleCreateStaticFromData
CoRegisterMallocSpy
ReadClassStm
OleCreateLinkToFile
StgIsStorageFile
CoGetObject
StgOpenStorage
StringFromIID
ProgIDFromCLSID
RevokeDragDrop
StgOpenStorageOnILockBytes
StgIsStorageILockBytes
OleSetMenuDescriptor
CoInitializeSecurity
IsAccelerator
CoGetClassObject
BindMoniker
StgCreateDocfileOnILockBytes
PropVariantClear
CoRevertToSelf
CreateDataAdviseHolder
OleGetIconOfClass
CoDisconnectObject
CoLockObjectExternal
CoInitializeEx
OleDraw
CoMarshalInterface
OleSave
StringFromGUID2
GetClassFile
OleIsCurrentClipboard
OleIsRunning
CoCreateInstanceEx
StringFromCLSID
CoTaskMemAlloc
OleRegGetMiscStatus
OleSetClipboard
CreateFileMoniker
OleCreateFromFile
OleRegEnumVerbs
OleDuplicateData
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
ReadClassStg
OleCreateLinkFromData
CoRevokeMallocSpy
CoUninitialize
OleInitialize
WriteFmtUserTypeStg
CoFreeUnusedLibraries
comctl32
FlatSB_EnableScrollBar
_TrackMouseEvent
CreatePropertySheetPageA
ImageList_GetIcon
ImageList_GetImageInfo
ImageList_DragShowNolock
ImageList_Copy
ImageList_Remove
ImageList_Create
ImageList_SetIconSize
CreateStatusWindowW
ImageList_Read
ImageList_GetDragImage
ImageList_Add
ImageList_BeginDrag
CreateUpDownControl
InitializeFlatSB
ImageList_LoadImageA
ImageList_DrawEx
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_DragEnter
ImageList_GetIconSize
ImageList_SetImageCount
ImageList_ReplaceIcon
DestroyPropertySheetPage
ImageList_AddMasked
InitCommonControlsEx
ImageList_DragLeave
ImageList_Write
ImageList_EndDrag
CreatePropertySheetPageW
ImageList_Duplicate
ImageList_GetImageCount
ImageList_Destroy
CreateToolbarEx
MakeDragList
ImageList_SetOverlayImage
DrawStatusTextW
ImageList_LoadImage
PropertySheetW
ImageList_DragMove
ImageList_GetBkColor
ImageList_Draw
ImageList_LoadImageW
ImageList_DrawIndirect
ord17
ImageList_AddIcon
ImageList_SetFlags
PropertySheetA
FlatSB_ShowScrollBar
ImageList_Replace
ImageList_Merge
user32
GetMenuState
GetLastInputInfo
GetParent
DdeGetLastError
GetDoubleClickTime
DdeClientTransaction
SetWindowLongA
ArrangeIconicWindows
TileChildWindows
SetMenuItemBitmaps
RegisterClipboardFormatW
EnumDisplaySettingsW
GetUserObjectInformationA
TrackMouseEvent
GetScrollBarInfo
SetMenuDefaultItem
ReleaseDC
ChangeDisplaySettingsA
ChangeDisplaySettingsW
IsDialogMessage
SendMessageA
MapVirtualKeyExW
GrayStringA
FindWindowExA
GetKeyboardLayoutNameA
CopyImage
DrawIconEx
DispatchMessageW
SetThreadDesktop
MonitorFromWindow
GetWindowTextLengthA
TabbedTextOutA
HideCaret
DdeQueryStringW
LookupIconIdFromDirectoryEx
IsWindowUnicode
UnionRect
SetClipboardViewer
RegisterHotKey
MessageBoxIndirectA
WinHelpW
DispatchMessageA
LoadImageW
CharLowerA
OemToCharA
ExcludeUpdateRgn
SetWindowPlacement
GetMessageTime
TrackPopupMenuEx
GetThreadDesktop
DdeCreateStringHandleW
MapDialogRect
SystemParametersInfoW
HiliteMenuItem
SetRectEmpty
SendMessageW
TileWindows
CloseDesktop
SendInput
GetClassInfoW
SetWindowRgn
SystemParametersInfoA
BeginPaint
IsDlgButtonChecked
TranslateMDISysAccel
DdeFreeStringHandle
SetCursor
LookupIconIdFromDirectory
CreateIconIndirect
GetMenuItemID
GetMenuItemInfoW
MoveWindow
SetMenuItemInfoA
ReleaseCapture
CreateAcceleratorTableA
RegisterDeviceNotificationW
GetClassNameA
GetMenuDefaultItem
GetNextDlgTabItem
RemoveMenu
GetMenuInfo
LoadMenuIndirectW
DrawFocusRect
LoadAcceleratorsA
GetForegroundWindow
GetWindowRect
CreateDialogIndirectParamA
GetKeyboardState
GetKeyNameTextA
CreateIconFromResource
SetScrollInfo
ReplyMessage
LoadImageA
CopyRect
ShowScrollBar
IsRectEmpty
SetCaretBlinkTime
GetCursorInfo
InsertMenuItemA
DlgDirListComboBoxW
InsertMenuW
DrawTextW
GetMonitorInfoW
FlashWindow
SetWindowTextW
SetCaretPos
BringWindowToTop
SetForegroundWindow
DdeCreateDataHandle
GetWindowContextHelpId
SetProcessWindowStation
GetInputState
IsChild
GetUserObjectInformationW
GetProcessWindowStation
GetLastActivePopup
CreateWindowExA
LoadBitmapW
DdeInitializeA
DestroyAcceleratorTable
DragDetect
PeekMessageW
GetDialogBaseUnits
CharLowerBuffW
LoadIconW
ModifyMenuA
FrameRect
GetWindowWord
EnableMenuItem
UnregisterClassW
WaitMessage
CharToOemBuffA
InsertMenuA
LockSetForegroundWindow
DialogBoxIndirectParamA
ModifyMenuW
DlgDirListComboBoxA
AdjustWindowRect
SetDoubleClickTime
EnumDisplayMonitors
ToUnicode
DrawStateA
SwapMouseButton
OpenInputDesktop
KillTimer
SetUserObjectSecurity
GetMenu
GetClipboardFormatNameW
DdeUnaccessData
PostMessageW
IsMenu
IsWindowEnabled
ChildWindowFromPoint
DialogBoxParamA
MsgWaitForMultipleObjectsEx
DefFrameProcW
ScrollDC
CheckMenuItem
GetWindowInfo
RemovePropW
RegisterClassW
DdeGetData
DrawTextA
GetWindowRgn
CheckRadioButton
ScrollWindow
wsprintfA
DdeNameService
GetCursor
GetDlgItemTextW
GetMenuContextHelpId
SendNotifyMessageW
RegisterClassExW
DestroyCaret
ToAsciiEx
DlgDirSelectExA
PostMessageA
DdePostAdvise
GetDlgItem
CloseWindow
GetQueueStatus
CreateDialogParamW
CharToOemA
SetClassLongW
SetScrollPos
SetFocus
GetClipboardFormatNameA
GetMenuStringA
WindowFromPoint
UnregisterClassA
DlgDirSelectComboBoxExA
CreateWindowExW
PackDDElParam
IsDialogMessageW
CharNextA
GetCaretPos
GetClipboardOwner
TranslateAcceleratorA
UnregisterDeviceNotification
GetClassInfoExA
GetSystemMenu
GetWindowTextW
FindWindowA
SetActiveWindow
SetDlgItemTextA
EndDialog
TrackPopupMenu
ValidateRect
SetMenu
OpenDesktopA
VkKeyScanExA
MonitorFromPoint
DefMDIChildProcA
GetMenuCheckMarkDimensions
ShowCaret
GetActiveWindow
GetKeyState
BeginDeferWindowPos
CallNextHookEx
GetClassLongA
GetMenuItemRect
VkKeyScanW
GetWindow
CopyAcceleratorTableA
EmptyClipboard
EqualRect
FillRect
DrawCaption
FindWindowW
CopyAcceleratorTableW
TabbedTextOutW
RegisterWindowMessageW
SendDlgItemMessageW
DestroyWindow
DrawEdge
MonitorFromRect
GetSystemMetrics
GetScrollInfo
ValidateRgn
FreeDDElParam
CreateDialogParamA
GetKeyboardLayoutList
ClipCursor
CreateDesktopW
RegisterClipboardFormatA
MapVirtualKeyExA
GetDesktopWindow
SendDlgItemMessageA
DrawTextExW
DefWindowProcW
UnregisterHotKey
ScreenToClient
DdeCreateStringHandleA
GetMonitorInfoA
SetPropA
GetSysColorBrush
LoadCursorFromFileA
WaitForInputIdle
IsIconic
ChangeClipboardChain
CreateAcceleratorTableW
MessageBoxW
SetTimer
CharUpperBuffA
PtInRect
ShowCursor
SetWindowsHookExA
DestroyIcon
CharUpperW
GrayStringW
UnpackDDElParam
DdeConnect
GetPropA
GetMenuItemCount
LoadCursorFromFileW
PostThreadMessageW
DefFrameProcA
GetCursorPos
InvalidateRect
IsCharAlphaNumericA
LoadKeyboardLayoutA
GetIconInfo
GetTitleBarInfo
wvsprintfW
IsZoomed
GetMessageA
EnableWindow
IsCharAlphaA
SetWindowLongW
keybd_event
ShowWindowAsync
DrawIcon
MapVirtualKeyA
SetWindowsHookExW
GetKeyboardLayout
GetDlgItemTextA
RealChildWindowFromPoint
CallWindowProcA
SetRect
GetAncestor
MessageBeep
TranslateAcceleratorW
PostThreadMessageA
IntersectRect
OemToCharBuffA
CharUpperBuffW
GetClassWord
GetCaretBlinkTime
UpdateWindow
LoadBitmapA
IsCharLowerW
GetDC
SendMessageTimeoutW
SetWindowContextHelpId
EnumClipboardFormats
GetKeyNameTextW
ToAscii
GetWindowLongW
SetWindowPos
CallMsgFilterA
GetCapture
InvalidateRgn
GetAsyncKeyState
GetWindowPlacement
SetCapture
ExitWindowsEx
CreateIcon
InsertMenuItemW
SetParent
ShowWindow
CopyIcon
WindowFromDC
SetMenuContextHelpId
SetMenuItemInfoW
SwitchDesktop
DrawFrameControl
CheckMenuRadioItem
GetClipCursor
MapVirtualKeyW
CreateMDIWindowA
DdeUninitialize
GetDlgCtrlID
SetCursorPos
SendNotifyMessageA
ToUnicodeEx
DdeAccessData
GetNextDlgGroupItem
MsgWaitForMultipleObjects
CharNextW
TranslateMessage
CharNextExA
wvsprintfA
LoadStringW
GetWindowDC
LoadMenuIndirectA
CharLowerBuffA
ClientToScreen
SetClipboardData
SetLayeredWindowAttributes
InflateRect
GetUserObjectSecurity
NotifyWinEvent
SetMessageExtraInfo
LoadStringA
SetPropW
CreateCaret
CreateCursor
RemovePropA
GetDlgItemInt
CallWindowProcW
CreatePopupMenu
GetClassLongW
InvertRect
GetMessageW
DdeQueryStringA
GetClassInfoA
GetScrollPos
EndPaint
SetDlgItemTextW
GetTabbedTextExtentA
GetUpdateRect
SetKeyboardState
UnhookWindowsHookEx
mouse_event
GetWindowTextLengthW
DefDlgProcA
DdeFreeDataHandle
DestroyCursor
GetSysColor
GetClassNameW
CloseWindowStation
EnumDisplaySettingsA
CreateMenu
ReuseDDElParam
LoadCursorW
AllowSetForegroundWindow
GetOpenClipboardWindow
GetWindowTextA
LoadMenuA
EnumDesktopWindows
LoadAcceleratorsW
DdeInitializeW
OpenClipboard
DeferWindowPos
SendMessageTimeoutA
OpenDesktopW
EnumChildWindows
DeleteMenu
ShowOwnedPopups
GetClipboardViewer
CheckDlgButton
LoadCursorA
SetMenuInfo
AppendMenuA
DialogBoxIndirectParamW
DestroyMenu
GetClassInfoExW
GetMenuStringW
LockWindowUpdate
DdeDisconnect
GetDCEx
SetWindowTextA
VkKeyScanA
IsClipboardFormatAvailable
AttachThreadInput
CharUpperA
GetWindowLongA
GetPropW
ChildWindowFromPointEx
LoadIconA
GetScrollRange
ActivateKeyboardLayout
DrawMenuBar
CreateDialogIndirectParamW
GetMenuItemInfoA
FlashWindowEx
EnumThreadWindows
CreateIconFromResourceEx
GetMessageExtraInfo
SubtractRect
OpenIcon
PostQuitMessage
DialogBoxParamW
DlgDirListA
IsCharAlphaNumericW
CharLowerW
GetFocus
LoadMenuW
MessageBoxExA
IsCharUpperA
GetClipboardData
GetSubMenu
DrawAnimatedRects
MapWindowPoints
IsWindowVisible
PeekMessageA
WinHelpA
IsCharLowerA
RedrawWindow
EnumWindows
RegisterClassExA
BroadcastSystemMessage
EndDeferWindowPos
CloseClipboard
CreateMDIWindowW
DrawTextExA
SetDlgItemInt
CountClipboardFormats
IsWindow
OpenWindowStationW
ScrollWindowEx
UnhookWinEvent
AppendMenuW
CharPrevA
GetComboBoxInfo
RegisterClassA
AnimateWindow
SetScrollRange
FindWindowExW
GetWindowThreadProcessId
MenuItemFromPoint
OffsetRect
wsprintfW
SetClassLongA
CascadeWindows
IsDialogMessageA
InSendMessage
RegisterWindowMessageA
DefWindowProcA
OpenWindowStationA
GetMessagePos
GetClientRect
GetWindowModuleFileNameW
GetMenuBarInfo
GetGUIThreadInfo
DrawStateW
DefMDIChildProcW
AdjustWindowRectEx
GetUpdateRgn
GetTopWindow
Sections
.text Size: 72KB - Virtual size: 71KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 480KB - Virtual size: 477KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 140KB - Virtual size: 138KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 116KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ